Accessing a host with variable IP addresses / connection types

classic Classic list List threaded Threaded
57 messages Options
123
Reply | Threaded
Open this post in threaded view
|

Accessing a host with variable IP addresses / connection types

celejar
Hi,

I've been bedeviled by this question for a while, but have been unable
to figure out a clean, non-hackish solution. It may be an XY problem ...

I have a system (laptop, running Debian) that is sometimes connected
directly to my LAN, and sometimes connected via VPN (wireguard, to the
local router, running OpenWrt). The LAN is 192.168.0.0/24, with the
laptop having a fixed, static address in that range (although I'm
certainly open to using DHCP, possibly with a fixed address
reservation). The VPN is 10.0.0.0/24, with the laptop getting a fixed,
static address in that range (and wireguard apparently doesn't work
with dhcp).

I currently have an entry in /etc/hosts on the various LAN hosts
assigning a hostname to the laptop's fixed local address, and the LAN
hosts can access the laptop via that hostname. [I could alternatively
use dnsmasq, which is running on the router regardless.] This obviously
doesn't work when the laptop is connected via VPN. [The laptop can
access the LAN hosts fine via their hostnames, so I seem to have the
routing correctly configured on the laptop and the router.]

What I seem to want (but maybe XY?) is some way to adjust the host
files (or dnsmasq's information) so that the hostname will resolve to
the LAN address when the laptop is connected to the LAN, and the VPN
address when it's connected via VPN. If everything was using DHCP, this
would be straightforward enough, but as I said, the VPN apparently
needs to be configured statically, and not via DHCP. I could obviously
use some custom script (using, say, ageas, to modify host files) but
this seems hackish. What is a standard, 'correct' way to do this, or
more generally, to enable the LAN hosts to access the laptop
seamlessly regardless of its IP address and connection type?

Celejar

Reply | Threaded
Open this post in threaded view
|

Re: Accessing a host with variable IP addresses / connection types

Pascal Hambourg-2
Le 16/04/2019 à 17:03, Celejar a écrit :
>
> What I seem to want (but maybe XY?) is some way to adjust the host
> files (or dnsmasq's information) so that the hostname will resolve to
> the LAN address when the laptop is connected to the LAN, and the VPN
> address when it's connected via VPN. [...]
> What is a standard, 'correct' way to do this, or
> more generally, to enable the LAN hosts to access the laptop
> seamlessly regardless of its IP address and connection type?

Dynamic DNS.

Reply | Threaded
Open this post in threaded view
|

Re: Accessing a host with variable IP addresses / connection types

celejar
On Tue, 16 Apr 2019 20:45:54 +0200
Pascal Hambourg <[hidden email]> wrote:

> Le 16/04/2019 à 17:03, Celejar a écrit :
> >
> > What I seem to want (but maybe XY?) is some way to adjust the host
> > files (or dnsmasq's information) so that the hostname will resolve to
> > the LAN address when the laptop is connected to the LAN, and the VPN
> > address when it's connected via VPN. [...]
> > What is a standard, 'correct' way to do this, or
> > more generally, to enable the LAN hosts to access the laptop
> > seamlessly regardless of its IP address and connection type?
>
> Dynamic DNS.

Thanks. I thought of that, but I'm going to need more explanation and
help. I understand that I can use something like nsupdate to update DNS
records, but then I'd need to install and configure a compatible DNS
server - the one I currently use, dnsmasq, apparently doesn't support
RFC 2136 updates. Is there something I'm missing?

Additionally, I'm using simple hostnames, not FQDN names. Will that
still work with dynamic DNS?

Celejar

Reply | Threaded
Open this post in threaded view
|

Re: Accessing a host with variable IP addresses / connection types

Richard Hector
In reply to this post by celejar
On 17/04/19 3:03 AM, Celejar wrote:

> Hi,
>
> I've been bedeviled by this question for a while, but have been unable
> to figure out a clean, non-hackish solution. It may be an XY problem ...
>
> I have a system (laptop, running Debian) that is sometimes connected
> directly to my LAN, and sometimes connected via VPN (wireguard, to the
> local router, running OpenWrt). The LAN is 192.168.0.0/24, with the
> laptop having a fixed, static address in that range (although I'm
> certainly open to using DHCP, possibly with a fixed address
> reservation). The VPN is 10.0.0.0/24, with the laptop getting a fixed,
> static address in that range (and wireguard apparently doesn't work
> with dhcp).
>
> I currently have an entry in /etc/hosts on the various LAN hosts
> assigning a hostname to the laptop's fixed local address, and the LAN
> hosts can access the laptop via that hostname. [I could alternatively
> use dnsmasq, which is running on the router regardless.] This obviously
> doesn't work when the laptop is connected via VPN. [The laptop can
> access the LAN hosts fine via their hostnames, so I seem to have the
> routing correctly configured on the laptop and the router.]
>
> What I seem to want (but maybe XY?) is some way to adjust the host
> files (or dnsmasq's information) so that the hostname will resolve to
> the LAN address when the laptop is connected to the LAN, and the VPN
> address when it's connected via VPN. If everything was using DHCP, this
> would be straightforward enough, but as I said, the VPN apparently
> needs to be configured statically, and not via DHCP. I could obviously
> use some custom script (using, say, ageas, to modify host files) but
> this seems hackish. What is a standard, 'correct' way to do this, or
> more generally, to enable the LAN hosts to access the laptop
> seamlessly regardless of its IP address and connection type?
What about connecting to the VPN even from the LAN? So the VPN address
is always available.

Another thought I've had in the past, but probably won't work in this
case (because one of the locations is on the same side of the router as
the other machines) is to give the laptop its own block (on the loopback
or maybe a dummy device), and adjust the routing tables (which the
wireguard server will probably do).

Richard



signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Accessing a host with variable IP addresses / connection types

celejar
On Wed, 17 Apr 2019 13:45:05 +1200
Richard Hector <[hidden email]> wrote:

> On 17/04/19 3:03 AM, Celejar wrote:

...

> > What I seem to want (but maybe XY?) is some way to adjust the host
> > files (or dnsmasq's information) so that the hostname will resolve to
> > the LAN address when the laptop is connected to the LAN, and the VPN
> > address when it's connected via VPN. If everything was using DHCP, this
> > would be straightforward enough, but as I said, the VPN apparently
> > needs to be configured statically, and not via DHCP. I could obviously
> > use some custom script (using, say, ageas, to modify host files) but
> > this seems hackish. What is a standard, 'correct' way to do this, or
> > more generally, to enable the LAN hosts to access the laptop
> > seamlessly regardless of its IP address and connection type?
>
> What about connecting to the VPN even from the LAN? So the VPN address
> is always available.

I suppose that's an option, but it just seems so terribly inefficient,
although I suppose that I likely wouldn't even notice during normal work.

> Another thought I've had in the past, but probably won't work in this
> case (because one of the locations is on the same side of the router as
> the other machines) is to give the laptop its own block (on the loopback
> or maybe a dummy device), and adjust the routing tables (which the
> wireguard server will probably do).

Thanks,

Celejar

Reply | Threaded
Open this post in threaded view
|

Re: Accessing a host with variable IP addresses / connection types

Kevin DAGNEAUX
In reply to this post by celejar

> Hi,
>
> I've been bedeviled by this question for a while, but have been unable
> to figure out a clean, non-hackish solution. It may be an XY problem ...
>
> I have a system (laptop, running Debian) that is sometimes connected
> directly to my LAN, and sometimes connected via VPN (wireguard, to the
> local router, running OpenWrt). The LAN is 192.168.0.0/24, with the
> laptop having a fixed, static address in that range (although I'm
> certainly open to using DHCP, possibly with a fixed address
> reservation). The VPN is 10.0.0.0/24, with the laptop getting a fixed,
> static address in that range (and wireguard apparently doesn't work
> with dhcp).
>
> I currently have an entry in /etc/hosts on the various LAN hosts
> assigning a hostname to the laptop's fixed local address, and the LAN
> hosts can access the laptop via that hostname. [I could alternatively
> use dnsmasq, which is running on the router regardless.] This obviously
> doesn't work when the laptop is connected via VPN. [The laptop can
> access the LAN hosts fine via their hostnames, so I seem to have the
> routing correctly configured on the laptop and the router.]
>
> What I seem to want (but maybe XY?) is some way to adjust the host
> files (or dnsmasq's information) so that the hostname will resolve to
> the LAN address when the laptop is connected to the LAN, and the VPN
> address when it's connected via VPN. If everything was using DHCP, this
> would be straightforward enough, but as I said, the VPN apparently
> needs to be configured statically, and not via DHCP. I could obviously
> use some custom script (using, say, ageas, to modify host files) but
> this seems hackish. What is a standard, 'correct' way to do this, or
> more generally, to enable the LAN hosts to access the laptop
> seamlessly regardless of its IP address and connection type?
>
> Celejar
>
Hi,

A possible solution is to use a bridged VPN, in this case, your laptop
will always have the same IP.

Kevin


kevin_dagneaux.vcf (309 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Accessing a host with variable IP addresses / connection types

celejar
On Wed, 17 Apr 2019 08:37:20 +0200
Kevin DAGNEAUX <[hidden email]> wrote:

>
> > Hi,
> >
> > I've been bedeviled by this question for a while, but have been unable
> > to figure out a clean, non-hackish solution. It may be an XY problem ...
> >
> > I have a system (laptop, running Debian) that is sometimes connected
> > directly to my LAN, and sometimes connected via VPN (wireguard, to the
> > local router, running OpenWrt). The LAN is 192.168.0.0/24, with the
> > laptop having a fixed, static address in that range (although I'm
> > certainly open to using DHCP, possibly with a fixed address
> > reservation). The VPN is 10.0.0.0/24, with the laptop getting a fixed,
> > static address in that range (and wireguard apparently doesn't work
> > with dhcp).
> >
> > I currently have an entry in /etc/hosts on the various LAN hosts
> > assigning a hostname to the laptop's fixed local address, and the LAN
> > hosts can access the laptop via that hostname. [I could alternatively
> > use dnsmasq, which is running on the router regardless.] This obviously
> > doesn't work when the laptop is connected via VPN. [The laptop can
> > access the LAN hosts fine via their hostnames, so I seem to have the
> > routing correctly configured on the laptop and the router.]
> >
> > What I seem to want (but maybe XY?) is some way to adjust the host
> > files (or dnsmasq's information) so that the hostname will resolve to
> > the LAN address when the laptop is connected to the LAN, and the VPN
> > address when it's connected via VPN. If everything was using DHCP, this
> > would be straightforward enough, but as I said, the VPN apparently
> > needs to be configured statically, and not via DHCP. I could obviously
> > use some custom script (using, say, ageas, to modify host files) but
> > this seems hackish. What is a standard, 'correct' way to do this, or
> > more generally, to enable the LAN hosts to access the laptop
> > seamlessly regardless of its IP address and connection type?
> >
> > Celejar
> >
> Hi,
>
> A possible solution is to use a bridged VPN, in this case, your laptop
> will always have the same IP.

Thanks. I can't seem to find much information about this - can you
elaborate, or point me to a link? [I'm not a networking expert.]

Currently, my LAN is 192.168.0.0/24, which is also the addressing
scheme of some of the networks out of my control that I'm setting up a
VPN link from. I deliberately used 10.0.0.0/24 for the VPN to avoid
address collisions with these other networks. It did occur to me to
consider using a different address space, for the VPN or perhaps for the
whole home LAN, but I'd rather not take that step just to solve what
seems a relatively simple problem unless absolutely necessary

Celejar

Reply | Threaded
Open this post in threaded view
|

Re: Accessing a host with variable IP addresses / connection types

Kevin DAGNEAUX

Le 17/04/2019 à 14:15, Celejar a écrit :

> On Wed, 17 Apr 2019 08:37:20 +0200
> Kevin DAGNEAUX <[hidden email]> wrote:
>
>>> Hi,
>>>
>>> I've been bedeviled by this question for a while, but have been unable
>>> to figure out a clean, non-hackish solution. It may be an XY problem ...
>>>
>>> I have a system (laptop, running Debian) that is sometimes connected
>>> directly to my LAN, and sometimes connected via VPN (wireguard, to the
>>> local router, running OpenWrt). The LAN is 192.168.0.0/24, with the
>>> laptop having a fixed, static address in that range (although I'm
>>> certainly open to using DHCP, possibly with a fixed address
>>> reservation). The VPN is 10.0.0.0/24, with the laptop getting a fixed,
>>> static address in that range (and wireguard apparently doesn't work
>>> with dhcp).
>>>
>>> I currently have an entry in /etc/hosts on the various LAN hosts
>>> assigning a hostname to the laptop's fixed local address, and the LAN
>>> hosts can access the laptop via that hostname. [I could alternatively
>>> use dnsmasq, which is running on the router regardless.] This obviously
>>> doesn't work when the laptop is connected via VPN. [The laptop can
>>> access the LAN hosts fine via their hostnames, so I seem to have the
>>> routing correctly configured on the laptop and the router.]
>>>
>>> What I seem to want (but maybe XY?) is some way to adjust the host
>>> files (or dnsmasq's information) so that the hostname will resolve to
>>> the LAN address when the laptop is connected to the LAN, and the VPN
>>> address when it's connected via VPN. If everything was using DHCP, this
>>> would be straightforward enough, but as I said, the VPN apparently
>>> needs to be configured statically, and not via DHCP. I could obviously
>>> use some custom script (using, say, ageas, to modify host files) but
>>> this seems hackish. What is a standard, 'correct' way to do this, or
>>> more generally, to enable the LAN hosts to access the laptop
>>> seamlessly regardless of its IP address and connection type?
>>>
>>> Celejar
>>>
>> Hi,
>>
>> A possible solution is to use a bridged VPN, in this case, your laptop
>> will always have the same IP.
> Thanks. I can't seem to find much information about this - can you
> elaborate, or point me to a link? [I'm not a networking expert.]
>
> Currently, my LAN is 192.168.0.0/24, which is also the addressing
> scheme of some of the networks out of my control that I'm setting up a
> VPN link from. I deliberately used 10.0.0.0/24 for the VPN to avoid
> address collisions with these other networks. It did occur to me to
> consider using a different address space, for the VPN or perhaps for the
> whole home LAN, but I'd rather not take that step just to solve what
> seems a relatively simple problem unless absolutely necessary
>
> Celejar
>
Celjar,

You can find some explaination at
https://openvpn.net/community-resources/ethernet-bridging/

Using common network adressing will often give address collisions when
using VPN (routed or bridged VPN), like if on your home network and
remote network you have 2 machin with same IP, one of them will not be
reachable (depending of your routing table).

Kevin


kevin_dagneaux.vcf (309 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Accessing a host with variable IP addresses / connection types

Joe Rowan
In reply to this post by celejar
On Wed, 17 Apr 2019 08:15:09 -0400
Celejar <[hidden email]> wrote:


> Currently, my LAN is 192.168.0.0/24, which is also the addressing
> scheme of some of the networks out of my control that I'm setting up a
> VPN link from. I deliberately used 10.0.0.0/24 for the VPN to avoid
> address collisions with these other networks. It did occur to me to
> consider using a different address space, for the VPN or perhaps for
> the whole home LAN, but I'd rather not take that step just to solve
> what seems a relatively simple problem unless absolutely necessary
>

If you do get pushed to doing that, there are a few commonly used
networks that you should avoid. 10. is often used with a netmask of
/24 or /8, and the latter precludes all 10. variants. Of the 192.168.
groups, 0, 1, 8, 16 and 254 are often used, best use something quite
random like 192.168.137.0/24.

Probably better still is one of the 172.16-172.31 groups, which don't
seem to be used as defaults very often.

--
Joe

Reply | Threaded
Open this post in threaded view
|

Re: Accessing a host with variable IP addresses / connection types

celejar
In reply to this post by Kevin DAGNEAUX
On Wed, 17 Apr 2019 15:29:50 +0200
Kevin DAGNEAUX <[hidden email]> wrote:

>
> Le 17/04/2019 à 14:15, Celejar a écrit :
> > On Wed, 17 Apr 2019 08:37:20 +0200
> > Kevin DAGNEAUX <[hidden email]> wrote:
> >
> >>> Hi,
> >>>
> >>> I've been bedeviled by this question for a while, but have been unable
> >>> to figure out a clean, non-hackish solution. It may be an XY problem ...
> >>>
> >>> I have a system (laptop, running Debian) that is sometimes connected
> >>> directly to my LAN, and sometimes connected via VPN (wireguard, to the
> >>> local router, running OpenWrt). The LAN is 192.168.0.0/24, with the
> >>> laptop having a fixed, static address in that range (although I'm
> >>> certainly open to using DHCP, possibly with a fixed address
> >>> reservation). The VPN is 10.0.0.0/24, with the laptop getting a fixed,
> >>> static address in that range (and wireguard apparently doesn't work
> >>> with dhcp).
> >>>
> >>> I currently have an entry in /etc/hosts on the various LAN hosts
> >>> assigning a hostname to the laptop's fixed local address, and the LAN
> >>> hosts can access the laptop via that hostname. [I could alternatively
> >>> use dnsmasq, which is running on the router regardless.] This obviously
> >>> doesn't work when the laptop is connected via VPN. [The laptop can
> >>> access the LAN hosts fine via their hostnames, so I seem to have the
> >>> routing correctly configured on the laptop and the router.]
> >>>
> >>> What I seem to want (but maybe XY?) is some way to adjust the host
> >>> files (or dnsmasq's information) so that the hostname will resolve to
> >>> the LAN address when the laptop is connected to the LAN, and the VPN
> >>> address when it's connected via VPN. If everything was using DHCP, this
> >>> would be straightforward enough, but as I said, the VPN apparently
> >>> needs to be configured statically, and not via DHCP. I could obviously
> >>> use some custom script (using, say, ageas, to modify host files) but
> >>> this seems hackish. What is a standard, 'correct' way to do this, or
> >>> more generally, to enable the LAN hosts to access the laptop
> >>> seamlessly regardless of its IP address and connection type?
> >>>
> >>> Celejar
> >>>
> >> Hi,
> >>
> >> A possible solution is to use a bridged VPN, in this case, your laptop
> >> will always have the same IP.
> > Thanks. I can't seem to find much information about this - can you
> > elaborate, or point me to a link? [I'm not a networking expert.]
> >
> > Currently, my LAN is 192.168.0.0/24, which is also the addressing
> > scheme of some of the networks out of my control that I'm setting up a
> > VPN link from. I deliberately used 10.0.0.0/24 for the VPN to avoid
> > address collisions with these other networks. It did occur to me to
> > consider using a different address space, for the VPN or perhaps for the
> > whole home LAN, but I'd rather not take that step just to solve what
> > seems a relatively simple problem unless absolutely necessary
> >
> > Celejar
> >
> Celjar,
>
> You can find some explaination at
> https://openvpn.net/community-resources/ethernet-bridging/

Thanks. I'm trying to figure out whether Wireguard, and OpenWrt's
implementation of it in particular, supports bridging.

> Using common network adressing will often give address collisions when
> using VPN (routed or bridged VPN), like if on your home network and
> remote network you have 2 machin with same IP, one of them will not be
> reachable (depending of your routing table).

I think that this won't be much of an issue - when I'm on remote
networks, there typically aren't any hosts on those networks that I need
to access.

Celejar

Reply | Threaded
Open this post in threaded view
|

Re: Accessing a host with variable IP addresses / connection types

celejar
In reply to this post by Joe Rowan
On Wed, 17 Apr 2019 14:59:53 +0100
Joe <[hidden email]> wrote:

> On Wed, 17 Apr 2019 08:15:09 -0400
> Celejar <[hidden email]> wrote:
>
>
> > Currently, my LAN is 192.168.0.0/24, which is also the addressing
> > scheme of some of the networks out of my control that I'm setting up a
> > VPN link from. I deliberately used 10.0.0.0/24 for the VPN to avoid
> > address collisions with these other networks. It did occur to me to
> > consider using a different address space, for the VPN or perhaps for
> > the whole home LAN, but I'd rather not take that step just to solve
> > what seems a relatively simple problem unless absolutely necessary
> >
>
> If you do get pushed to doing that, there are a few commonly used
> networks that you should avoid. 10. is often used with a netmask of
> /24 or /8, and the latter precludes all 10. variants. Of the 192.168.
> groups, 0, 1, 8, 16 and 254 are often used, best use something quite
> random like 192.168.137.0/24.
>
> Probably better still is one of the 172.16-172.31 groups, which don't
> seem to be used as defaults very often.

Thanks. When I first set up the VPN, I did some reading about this, and
I was rather shocked to see that there was no definitive solution to
avoid address collisions, just recommendations like yours to try to
make a good guess about it ...

Celejar

Reply | Threaded
Open this post in threaded view
|

Re: Accessing a host with variable IP addresses / connection types

Michael Stone-2
On Wed, Apr 17, 2019 at 11:57:43AM -0400, Celejar wrote:
>Thanks. When I first set up the VPN, I did some reading about this, and
>I was rather shocked to see that there was no definitive solution to
>avoid address collisions

Sure there is--globally unique IPs.

Reply | Threaded
Open this post in threaded view
|

Re: Accessing a host with variable IP addresses / connection types

celejar
On Wed, 17 Apr 2019 12:10:56 -0400
Michael Stone <[hidden email]> wrote:

> On Wed, Apr 17, 2019 at 11:57:43AM -0400, Celejar wrote:
> >Thanks. When I first set up the VPN, I did some reading about this, and
> >I was rather shocked to see that there was no definitive solution to
> >avoid address collisions
>
> Sure there is--globally unique IPs.

I assume you're referring to IPv6? I was referring to IPv4.

Celejar

Reply | Threaded
Open this post in threaded view
|

Re: Accessing a host with variable IP addresses / connection types

Michael Stone-2
On Wed, Apr 17, 2019 at 12:38:11PM -0400, Celejar wrote:

>On Wed, 17 Apr 2019 12:10:56 -0400 Michael Stone <[hidden email]> wrote:
>
>> On Wed, Apr 17, 2019 at 11:57:43AM -0400, Celejar wrote:
>> >Thanks. When I first set up the VPN, I did some reading about this, and
>> >I was rather shocked to see that there was no definitive solution to
>> >avoid address collisions
>>
>> Sure there is--globally unique IPs.
>
>I assume you're referring to IPv6? I was referring to IPv4.

It applies to both, though we've run out of IPv4. There's no other way
to guarantee the absence of network collisions.

Reply | Threaded
Open this post in threaded view
|

Re: Accessing a host with variable IP addresses / connection types

Richard Hector
In reply to this post by celejar
On 18/04/19 12:15 AM, Celejar wrote:
> Currently, my LAN is 192.168.0.0/24, which is also the addressing
> scheme of some of the networks out of my control that I'm setting up a
> VPN link from. I deliberately used 10.0.0.0/24 for the VPN to avoid
> address collisions with these other networks. It did occur to me to
> consider using a different address space, for the VPN or perhaps for the
> whole home LAN, but I'd rather not take that step just to solve what
> seems a relatively simple problem unless absolutely necessary

I ran into that - needing to VPN between 2 networks which clashed, and
neither of which I could renumber. In the end I gave up on IPv4, and all
my VPNs are now IPv6-only. It took some learning, but that was really an
added advantage.

Richard


signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Accessing a host with variable IP addresses / connection types

celejar
On Thu, 18 Apr 2019 04:49:56 +1200
Richard Hector <[hidden email]> wrote:

> On 18/04/19 12:15 AM, Celejar wrote:
> > Currently, my LAN is 192.168.0.0/24, which is also the addressing
> > scheme of some of the networks out of my control that I'm setting up a
> > VPN link from. I deliberately used 10.0.0.0/24 for the VPN to avoid
> > address collisions with these other networks. It did occur to me to
> > consider using a different address space, for the VPN or perhaps for the
> > whole home LAN, but I'd rather not take that step just to solve what
> > seems a relatively simple problem unless absolutely necessary
>
> I ran into that - needing to VPN between 2 networks which clashed, and
> neither of which I could renumber. In the end I gave up on IPv4, and all
> my VPNs are now IPv6-only. It took some learning, but that was really an
> added advantage.

I've been toying with this, since IPv6 is probably worth moving to
anyway, but for the current problem, it still seems like overkill - the
crude solution of just editing /etc/hosts by hand just works ;)

Celejar

Reply | Threaded
Open this post in threaded view
|

[OT] IP address collisions (was: Accessing a host with variable IP addresses / connection types)

Pascal Hambourg-2
In reply to this post by Michael Stone-2
Le 17/04/2019 à 18:42, Michael Stone a écrit :

> On Wed, Apr 17, 2019 at 12:38:11PM -0400, Celejar wrote:
>> On Wed, 17 Apr 2019 12:10:56 -0400 Michael Stone <[hidden email]>
>> wrote:
>>
>>> On Wed, Apr 17, 2019 at 11:57:43AM -0400, Celejar wrote:
>>> >I was rather shocked to see that there was no definitive solution to
>>> >avoid address collisions
>>>
>>> Sure there is--globally unique IPs.
>>
>> I assume you're referring to IPv6? I was referring to IPv4.
>
> It applies to both, though we've run out of IPv4. There's no other way
> to guarantee the absence of network collisions.

A properly generated IPv6 ULA (Unique Local Address) prefix is unlikely
to have collisions.

Reply | Threaded
Open this post in threaded view
|

Re: [OT] IP address collisions (was: Accessing a host with variable IP addresses / connection types)

Curt
On 2019-04-17, Pascal Hambourg <[hidden email]> wrote:

> Le 17/04/2019 à 18:42, Michael Stone a écrit :
>> On Wed, Apr 17, 2019 at 12:38:11PM -0400, Celejar wrote:
>>> On Wed, 17 Apr 2019 12:10:56 -0400 Michael Stone <[hidden email]>
>>> wrote:
>>>
>>>> On Wed, Apr 17, 2019 at 11:57:43AM -0400, Celejar wrote:
>>>> >I was rather shocked to see that there was no definitive solution to
>>>> >avoid address collisions
>>>>
>>>> Sure there is--globally unique IPs.
>>>
>>> I assume you're referring to IPv6? I was referring to IPv4.
>>
>> It applies to both, though we've run out of IPv4. There's no other way
>> to guarantee the absence of network collisions.
>
> A properly generated IPv6 ULA (Unique Local Address) prefix is unlikely
> to have collisions.
>

I thought that was exactly what he was saying.


Reply | Threaded
Open this post in threaded view
|

Re: Accessing a host with variable IP addresses / connection types

celejar
In reply to this post by Michael Stone-2
On Wed, 17 Apr 2019 12:42:06 -0400
Michael Stone <[hidden email]> wrote:

> On Wed, Apr 17, 2019 at 12:38:11PM -0400, Celejar wrote:
> >On Wed, 17 Apr 2019 12:10:56 -0400 Michael Stone <[hidden email]> wrote:
> >
> >> On Wed, Apr 17, 2019 at 11:57:43AM -0400, Celejar wrote:
> >> >Thanks. When I first set up the VPN, I did some reading about this, and
> >> >I was rather shocked to see that there was no definitive solution to
> >> >avoid address collisions
> >>
> >> Sure there is--globally unique IPs.
> >
> >I assume you're referring to IPv6? I was referring to IPv4.
>
> It applies to both, though we've run out of IPv4. There's no other way

In other words, with IPv4, there's no *practical* solution, since a
typical end user isn't going to get arbitrary numbers of IP addresses.

> to guarantee the absence of network collisions.

Celejar

Reply | Threaded
Open this post in threaded view
|

Re: Accessing a host with variable IP addresses / connection types

Michael Stone-2
On Wed, Apr 17, 2019 at 06:11:43PM -0400, Celejar wrote:
>In other words, with IPv4, there's no *practical* solution, since a
>typical end user isn't going to get arbitrary numbers of IP addresses.

So use IPv6.

123